It is presented a key device comprising: a mechanical interface for mechanically maneuvering a lock device upon successful access control. The mechanical interface comprises a connector for powering the lock device and for communication with the lock device such that the lock device is able to perform electronic access control using the key device. The key device further comprises a clock; a memory; a radio communication module; and a controller arranged to, using the radio communication module communicate online with an access control device and use the memory as temporary storage for offline communication between the access control device and one or more lock devices. A corresponding method, computer program and computer program product are also presented.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A key device ( 1 ) comprising: a mechanical interface ( 13 ) for mechanically manoeuvring a lock device ( 20 ) upon successful access control, the mechanical interface comprising a connector ( 12 ) for powering the lock device ( 20 ) and for communication with the lock device ( 20 ) such that the lock device ( 20 ) is able to perform electronic access control using the key device ( 1 ); a clock ( 4 ); a memory ( 17 ); a radio communication module ( 6 ); and a controller ( 2 ) arranged to, using the radio communication module ( 6 ) communicate online with an access control device ( 30 ) and use the memory ( 17 ) as temporary storage for offline communication between the access control device and one or more lock devices ( 20 ).
A key device enables both mechanical and electronic access control. It has a mechanical interface to operate a lock, including a connector to power and communicate with the lock. The key device includes a clock, memory, and radio communication module. A controller uses the radio module to communicate online with an access control device. The memory acts as temporary storage for data exchanged between the access control device and one or more locks, facilitating offline communication. This allows the key to update lock access rights and collect audit trails even when not directly connected.
2. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to use the memory as temporary storage for a list of access rights from the access control device bound for one or more lock devices ( 20 ).
The key device, as described previously, uses its memory to temporarily store access rights received from a central access control device that are intended for one or more lock devices. This means the key can act as an intermediary, carrying updated permissions to the locks even when the locks are not directly connected to the central system. The controller manages this transfer of access rights information.
3. The key device ( 1 ) according to claim 2 , wherein the list of access rights comprises a revocation list, indicating key devices which are to be barred from gaining access.
The key device, which stores access rights for locks, includes a revocation list within those rights. This list indicates which key devices should be denied access. When a key device receives this revocation list, it will deny access to any key listed, preventing compromised or outdated keys from opening the lock. This enhances security by allowing for remote disabling of specific keys.
4. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to use the memory as temporary storage for an audit trail from one or more lock devices ( 20 ) bound for the access control device ( 30 ).
The key device, described as having memory for data transfer between an access control and locks, also stores audit trails from the locks. These audit trails are records of access events at each lock. The key device temporarily holds this data and then transmits it back to the central access control device, providing a log of who accessed each lock and when.
5. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to receive an updated time for the clock ( 4 ) of the key device ( 1 ).
The key device, which communicates with a central access control, can receive an updated time for its internal clock. This synchronization ensures the key device's time is accurate, which can be crucial for time-based access control policies or for accurate audit logging. The controller receives and sets the updated time.
6. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to send a challenge code to the access control device ( 30 ); receive a response code along with the updated time, the response code being based on the challenge code; and determine the updated time to be valid when the response code is determined to be valid.
The key device can synchronize its clock with a central access control by sending a challenge code and receiving a response code and updated time. The controller determines the updated time is valid only if the response code is also valid. The response code is based on the challenge code, preventing replay attacks and ensuring the time update is legitimate.
7. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to determine the response code to be valid when the response code comprises a correct cryptographic processing result based on the challenge code and the updated time.
In the process of synchronizing its clock, the key device validates the received time by verifying the response code. The response code is considered valid only if it contains the correct cryptographic processing result, calculated using both the initial challenge code and the received updated time. This cryptographic check provides strong assurance that the time is authentic and hasn't been tampered with.
8. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to determine the response code to be valid when the response code comprises a correct cryptographic processing result based on the challenge code and when the response code is received within a threshold time from when the challenge code is sent.
To validate the updated time, the key device ensures the response code contains a correct cryptographic result derived from the challenge code. Additionally, the response code must be received within a specific timeframe after the challenge code was sent. This time constraint helps prevent replay attacks, where an attacker might try to use a previously captured response code to falsely update the clock.
9. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to perform any one or more of the following communication with the access control device ( 30 ): receiving updated access rights specifically for the key device ( 1 ), receiving an updated validity time for the key device ( 1 ), and sending an audit trail for the key device ( 1 ).
The key device can perform several communication tasks with the central access control device. These include receiving updated access rights specifically for that key device, receiving an updated validity time indicating how long the key is authorized to function, and sending its own audit trail of access attempts back to the central system.
10. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to communicate with the access control device ( 30 ) to obtain authorisation for the key device ( 1 ) to be granted access by a lock device ( 20 ) when the connector ( 12 ) of the key device ( 1 ) is connected with a connector ( 23 ) of the lock device ( 20 ).
The key device can request authorization from the central access control system specifically when it is physically connected to a lock. This means when the key is inserted into a lock, the key device will communicate with the access control to verify that it should be granted access. Only if the central system authorizes the access will the lock be opened.
11. The key device ( 1 ) according to claim 1 , wherein the controller ( 2 ) is arranged to only perform the communication with the access control device when a trigger condition has been determined to be true in the key device ( 1 ).
The key device only communicates with the central access control when a specific trigger condition is met within the key device. This condition must be satisfied before the key attempts to connect and exchange data, preventing unnecessary radio communication and conserving battery life.
12. The key device ( 1 ) according to claim 1 , wherein the key device ( 1 ) further comprises a user input device ( 7 ), and the trigger condition is true when the user input device is actuated.
The key device has a user input device, such as a button. The trigger condition for online communication with the central access control, as described previously, is met when the user activates this input device. Pressing the button initiates the communication process.
13. The key device ( 1 ) according to claim 1 , further comprising a code input device ( 8 ).
The key device includes a code input device. This could be a keypad or similar mechanism for entering a code. This code input device allows the user to manually enter information into the key device.
14. The key device ( 1 ) according to claim 1 , wherein the controller ( 2 ) is arranged to require a correct code to be entered using the code input device ( 8 ) for the key device ( 1 ) to send a signal to request access, when the radio communication module ( 6 ) is offline from the access control device ( 30 ).
When the key device cannot communicate online with the central access control, the user must enter a correct code via the code input device. Only if the correct code is entered will the key device send a signal to the lock to request access. This adds a layer of security when the radio communication is unavailable, relying on a pre-programmed code.
15. The key device ( 1 ) according to claim 1 , wherein the controller is arranged to extend a validity time of the key device ( 1 ) when a correct code has been entered using the code input device ( 8 ).
If the correct code is entered using the code input device on the key device, the key device will extend its own validity time. This provides a way to temporarily extend the key's authorization to function, for instance, if communication with the central access control is unavailable and the user needs continued access.
16. The key device ( 1 ) according to claim 1 , wherein the radio communication module ( 6 ) is a short range communication module for communication with the access control device via an intermediary access control communication device ( 70 ).
The key device uses a short-range radio communication module to communicate with the central access control. However, the communication isn't direct. Instead, the key communicates via an intermediary access control communication device that acts as a bridge to the central system. Examples of short-range communication include Bluetooth or NFC.
17. The key device ( 1 ) according to claim 1 , wherein the radio communication module ( 6 ) is a cellular network communication module for communication with via a cellular network.
The key device uses a cellular network communication module to communicate with the central access control. This allows the key device to connect to the central system via a cellular network, enabling wide-area communication.
18. A method, performed in a key device ( 1 ), the key device comprising a mechanical interface ( 13 ) for mechanically manoeuvring a lock device ( 20 ) upon successful access control, the mechanical interface comprising a connector ( 12 ) for powering the lock device ( 20 ) and for communication with the lock device ( 20 ); and a clock ( 4 ), the method comprising the steps of: communicating ( 51 ) online, using a radio communication module ( 6 ) of the key device ( 1 ) with an access control device ( 30 ); and using ( 53 ) a memory ( 17 ) of the key device ( 1 ) as temporary storage for offline communication between the access control device and one or more lock devices ( 20 ).
A method performed by a key device with a mechanical interface for operating a lock, involves communicating online with an access control device using the key's radio communication module. The key's memory is used as temporary storage for data exchanged between the access control and one or more locks, facilitating offline communication.
19. The method according to claim 18 , wherein the step of using ( 53 ) the memory as temporary storage comprises using the memory as temporary storage for an updated list of access rights from the access control device bound for one or more lock devices ( 20 ).
The method of using memory as temporary storage in the key device involves storing an updated list of access rights. This list originates from the central access control and is intended for distribution to one or more lock devices. The key device thus acts as a carrier for updating lock permissions.
20. The method according to claim 19 , wherein the list of access rights comprises a revocation list, indicating key devices which are to be barred from gaining access.
In the method of managing access rights, the list of access rights stored on the key device includes a revocation list. This revocation list identifies specific key devices that should be denied access to locks. This enables the central system to remotely disable specific keys.
21. The method according to claim 18 , wherein the step of using ( 53 ) the memory as temporary storage comprises using the memory as temporary storage for an audit trail from one or more lock devices ( 20 ) bound for the access control device ( 30 ).
The method of using the key device memory includes storing an audit trail from one or more locks. This trail is destined for the central access control device. This allows the key to collect usage logs from locks and relay them back to the central system for analysis.
22. The method according to claim 18 , wherein the step of communicating ( 51 ) with the access control device comprises receiving an updated time for the clock ( 4 ) of the key device ( 1 ).
The method of communication with the central access control involves the key device receiving an updated time for its internal clock. This ensures the key's clock is synchronized, which is important for time-based access control and accurate audit logging.
23. The method according to claim 18 , wherein the step of communicating ( 51 ) with the access control device comprises: sending ( 51 a ) a challenge code to the access control device ( 30 ); receiving ( 51 b ) a response code along with the updated time, the response code being based on the challenge code; and determining ( 51 c ) the updated time to be valid when the response code is determined to be valid.
The method of communication with the central access control involves a challenge-response mechanism for time synchronization. The key device sends a challenge code to the access control, receives a response code and updated time, and then validates the time by verifying the response code.
24. The method according to claim 18 wherein the step of determining ( 51 c ) the updated time to be valid comprises determining the response code to be valid when the response code comprises a correct cryptographic processing result based on the challenge code and the updated time.
Validating the updated time in the challenge-response method involves ensuring the response code contains a correct cryptographic processing result. This result is based on the original challenge code and the received updated time. This cryptographic check ensures the integrity and authenticity of the time update.
25. The method according to claim 18 , wherein the step of determining ( 51 c ) the updated time to be valid comprises determining the response code to be valid when the response code comprises a correct cryptographic processing result based on the challenge code and when the response code is received within a threshold time from when the challenge code is sent.
The method of validating the updated time also involves a timing constraint. The response code must contain a correct cryptographic result based on the challenge code, and it must be received within a set time limit after the challenge was sent. This prevents replay attacks.
26. The method according to claim 18 , wherein the step of communicating ( 51 ) with the access control device comprises any one or more of the following substeps: receiving updated access rights specifically for the key device ( 1 ), receiving an updated validity time for the key device ( 1 ), and sending an audit trail for the key device ( 1 ).
The method of communication with the access control device encompasses several sub-steps. These include receiving updated access rights specific to the key, receiving an updated validity time for the key, and sending the key's own audit trail to the access control device.
27. The method according to claim 18 , further comprising the step of: determining ( 50 ) whether a trigger condition is true; and wherein the step of communicating ( 51 ) with the access control device only occurs when the trigger condition has been determined to be true.
The method includes a step of determining if a trigger condition is true. The communication with the central access control only occurs when this condition is met. This prevents unnecessary communication.
28. The method according to claim 18 , further comprising the steps of: receiving ( 54 ), using a code input device ( 8 ), a code entered by a user when the radio communication module ( 6 ) is offline from the access control device ( 30 ); and communicating ( 56 ) with the lock device ( 20 ) to request access only when the code is determined to be is correct.
The method involves receiving a code entered by the user via a code input device when the radio communication is offline. The key device only requests access from the lock if the entered code is correct.
29. The method according to claim 18 , further comprising the step of: extending ( 58 ) a validity time of the key device ( 1 ) when the code is determined to be correct.
The method includes extending the validity time of the key device when a correct code is entered by the user. This allows continued use of the key even when offline.
30. A computer program ( 66 ) comprising computer program code which, when run on a key device ( 1 ) comprising a mechanical interface ( 13 ) for mechanically manoeuvring a lock device ( 20 ) upon successful access control, the mechanical interface comprising a connector ( 12 ) for powering the lock device ( 20 ) and for communication with the lock device ( 20 ); and a clock ( 4 ), causes the key device ( 1 ) to: communicate online, using a radio communication module ( 6 ) of the key device ( 1 ), with an access control device ( 30 ); and use a memory ( 17 ) of the key device ( 1 ) as temporary storage for offline communication between the access control device and one or more lock devices ( 20 ).
A computer program, when run on a key device with a mechanical interface for operating a lock, performs these actions: it communicates online with an access control device using the key's radio communication module, and it uses the key's memory as temporary storage for offline communication between the access control device and one or more lock devices.
31. A computer program product ( 17 ) comprising a computer program according to claim 30 and a computer readable means on which the computer program is stored.
A computer program product consists of a computer program as described above, stored on a computer-readable medium.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
January 24, 2017
July 11, 2017
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.